/, Documentation, For Doctors/Are You Gambling with HIPAA Compliance? 3 Things Your Healthcare Practice Should Be Aware Of

Are You Gambling with HIPAA Compliance? 3 Things Your Healthcare Practice Should Be Aware Of

Few things are as critical to the operation of your healthcare business as compliance.

Of course, every other facet of your business is important, but unless you’re meeting the required standards of regulatory compliance, you’re jeopardizing the very survival and existence of your entire operation due to the potential liabilities created when compliance takes a back seat.

A strong statement indeed, but federal governing authorities don’t take regulatory compliance issues lightly.

The HIPAA Privacy Rule

The HIPAA Privacy Rule regulates the disclosure of protected health information (PHI).

  • Individually identifiable information contains data that can be used to identify the person it belongs to. It is either created or received by a covered entity, and it relates to the past, present, or future physical or mental health condition of the patient or payment for the provision of health care.
  • HIPAA provides guidelines for businesses and their employees’ responsibility to protect PHI at all times.
  • HIPAA outlines the rights that patients have regarding the release of their PHI.
  • HIPAA requires covered entities to work with business associates who must also follow these rules and guidelines.

Complying with the Minimum Necessary Rule

 The Minimum Necessary Rule is a provision of the Privacy Rule that provides direction for how to handle disclosures and protect the confidentiality of patients’ PHI.

  • Under the Minimum Necessary Rule, employees who use and disclose PHI must limit the information they disclose to the minimum necessary amount to accomplish the intended purpose.
  • Covered entities are required to have policies and procedures in place to assist employees in making minimum necessary determinations.
  • When requests come from other covered entities, business associates, or certain government agencies; the patient relies upon the party making the request—that they are seeking the minimum necessary information needed for its particular purpose for treatment of the patient.

Complying with the Privacy Rule

While HIPAA and PHI compliance requirements may appear to be excessive, and perhaps even a nuisance at times, the lawsuits, penalties, and even jail time for non-compliance can be severe.  There are several other reasons why compliance is necessary.

Consider the following:

  • Patient privacy – Protecting patient privacy is an essential element of the relationship of trust between healthcare providers and the patients they serve.
  • Audits – Be Prepared. Random audits happen or a patient may complain to a governing organization.
  • Avoiding fines—Individual fines may range from $100 to $50,000 per violation, and they may be imposed in response to Privacy Rule violations.
  • Avoiding jail time – In extreme cases, individuals can face criminal penalties, such as jail time.

The Office of Civil Rights (OCR) doesn’t gamble with HIPAA and PHI.  Neither should You.

Most Business Operations incorporate numerous tools to assure they are maximizing their compliance efforts.

One very important tool that can be utilized is HealthSplash and their SplashRx Electronic Clinical Assessment tools.

Not only are these tools vetted using the LCD’s and Medicare guidelines, they allow integration between Prescribing Clinicians, Telemedicine, DME Suppliers, Pharmacies, Marketing Entities, Physical Therapists, Hospitals, and other healthcare entities for secure exchange of protected healthcare information.

HealthSplash believes best practices should always include tools to show best effort to comply.

By |2019-01-24T17:00:47+00:00January 21st, 2019|Blog, Documentation, For Doctors|0 Comments

About the Author:

Joyce has an extensive and diverse background in Systems Management for healthcare, including physician practice management, DME supplier company management, medical billing, physician EMR systems, and medicare and commercial payer compliance. Joyce has been particularly successful in assisting physician practices, outpatient surgery centers, DME companies, and software companies increase their revenues and profitability while maintaining regulations and HIPAA Compliance requirements for Medicare, Medicaid, Private Insurance, Workman’s Comp and other insurance programs. Her experience with HIPAA and Medicare LCD requirements has been a vital resource in assisting in the development of exam and documentation compliance protocols for healthcare entities, and she has assisted physician and DME supplier organizations in meeting billing requirements for compliance purposes. Joyce is currently Director of Compliance for HealthSplash, Inc.

Leave A Comment